/// <summary>
/// Attributes <paramref name="F"/> to this scan and reports it: the finding receives
/// this scan's id, the injected section and parameter, the active plugin as finder
/// (typed <c>"ActivePlugin"</c>) and the base request/response pair as evidence, is
/// appended to <c>PRs</c>, and then <c>F.Report()</c> is invoked.
/// </summary>
/// <param name="F">The finding to attribute, record and report. Must not be null.</param>
public void AddFinding(Finding F)
{
    // Evidence the finding was derived from.
    F.BaseRequest = this.BaseRequest;
    F.BaseResponse = this.BaseResponse;

    // Where the injection landed and which active plugin produced the result.
    F.AffectedSection = this.InjectedSection;
    F.AffectedParameter = this.InjectedParameter;
    F.FinderName = this.ActivePluginName;
    F.FinderType = "ActivePlugin";
    F.ScanId = this.ID;

    // Keep a local record, then hand the finding to the reporting pipeline.
    this.PRs.Add(F);
    F.Report();
}
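/// <summary>
/// Starts the FiddlerCore listening proxy on <c>IronProxy.Port</c>. On the first call it
/// also wires the session callbacks (<c>BeforeRequest</c>, <c>BeforeResponse</c>,
/// <c>AfterSessionComplete</c>), an observe-only server-certificate handler and the
/// "Unable to bind to port" notification handler; handler registration is guarded by
/// <c>EventHandlersAssigned</c> so repeated calls do not stack duplicate subscriptions.
/// </summary>
/// <remarks>
/// Security notes for operators and reviewers:
/// <list type="bullet">
/// <item><c>Fiddler.CONFIG.IgnoreServerCertErrors</c> is forced to <c>true</c> and the
/// <c>OnValidateServerCertificate</c> handler never sets <c>e.ValidityState</c>, so every
/// upstream TLS connection is accepted regardless of certificate validity. This is
/// deliberate for a scanner (targets often use self-signed certificates) but it means the
/// proxy offers no protection against an on-path attacker between it and the target;
/// certificate problems are only <em>reported</em> as a Medium finding and tagged on the
/// session with the <c>"IronFlag-SslError"</c> flag.</item>
/// <item>When <c>IronProxy.LoopBackOnly</c> is false the <c>Default</c> startup flags keep
/// <c>AllowRemoteClients</c> (the loopback branch has to clear it explicitly), so the port
/// is reachable from other hosts and behaves as an open intercepting proxy. Run that mode
/// only on a trusted network or behind a firewall.</item>
/// <item>The certificate Subject embedded in the finding summary is supplied by the remote
/// server and therefore attacker-controlled. NOTE(review): confirm the component that
/// renders <c>Finding.Summary</c> escapes it; that cannot be verified from this file.</item>
/// </list>
/// </remarks>
internal static void Start()
{
    ProxyRunning = true;

    if (!EventHandlersAssigned)
    {
        Fiddler.FiddlerApplication.AfterSessionComplete += delegate(Fiddler.Session Sess) { IronProxy.AfterSessionComplete(Sess); };
        Fiddler.FiddlerApplication.BeforeRequest += delegate(Fiddler.Session Sess) { IronProxy.BeforeRequest(Sess); };
        Fiddler.FiddlerApplication.BeforeResponse += delegate(Fiddler.Session Sess) { IronProxy.BeforeResponse(Sess); };

        // Observe-only certificate check: raise one finding per unique (host, port, error set)
        // and flag the session. Whether the certificate is accepted is decided by
        // Fiddler.CONFIG.IgnoreServerCertErrors (set below), not by this handler.
        Fiddler.FiddlerApplication.OnValidateServerCertificate += delegate(object sender, Fiddler.ValidateServerCertificateEventArgs e)
        {
            if (e.CertificatePolicyErrors == SslPolicyErrors.None)
            {
                return;
            }

            string PluginName = "Internal SSL Checker";
            string HostName = e.Session.host;
            string PortText = e.Session.port.ToString();
            string ErrorText = e.CertificatePolicyErrors.ToString();
            string Signature = string.Format("SSLCertificateChecker|{0}|{1}|{2}", new object[] { HostName, PortText, ErrorText });

            if (Finding.IsSignatureUnique(PluginName, HostName, FindingType.Vulnerability, Signature))
            {
                // SslPolicyErrors.RemoteCertificateNotAvailable means the server presented no
                // certificate at all; in that case ServerCertificate may be null, and the
                // reporter must not crash on it. (Subject is remote-supplied data — see remarks.)
                string Subject = e.ServerCertificate == null ? "(no certificate presented)" : e.ServerCertificate.Subject;

                Finding PR = new Finding(HostName);
                PR.Plugin = PluginName;
                PR.Severity = FindingSeverity.Medium;
                PR.Confidence = FindingConfidence.High;
                PR.Title = string.Format("SSL Certificate Error for {0}:{1} ", new object[] { HostName, PortText });
                PR.Summary = string.Format("The remote server running Host: {0} and Port: {1} returned an invalid SSL certificate.<i<br>> <i<h>>Error:<i</h>> {2}. 
<i<br>> <i<h>>Certificate Details:<i</h>> {3}", new object[] { HostName, PortText, ErrorText, Subject });
                PR.Signature = Signature;
                PR.Report();
            }

            // Indexer assignment instead of Add(): StringDictionary.Add throws ArgumentException
            // when the key already exists, which it would if this session negotiates TLS more
            // than once (e.g. a retried connection). The flag is always set, not just for the
            // first (unique) occurrence, so downstream consumers see every affected session.
            e.Session.oFlags["IronFlag-SslError"] = "Yes";
        };

        Fiddler.FiddlerApplication.OnNotification += delegate(object Sender, Fiddler.NotificationEventArgs Args)
        {
            // FiddlerCore surfaces a listener bind failure only as a notification string,
            // so the failure has to be recognised by matching on the message text.
            if (Args.NotifyString.Contains("Unable to bind to port"))
            {
                IronProxy.Stop();
                IronException.Report("Proxy could not be started", "Listening Proxy could not be started. Likely reason could be the use of the port by another process", "");
                IronUI.ShowProxyStoppedError("Proxy Not Started! All features depend on the proxy, start proxy to activate them.");
            }
        };

        EventHandlersAssigned = true;
    }

    // Accept any upstream server certificate; problems are reported by the handler above.
    Fiddler.CONFIG.IgnoreServerCertErrors = true;
    IronUI.UpdateProxyStatusInConfigPanel(true);

    if (IronProxy.LoopBackOnly)
    {
        // Loopback only: refuse remote clients and do not take over the OS proxy setting.
        // ChainToUpstreamGateway is left at its Default value here but cleared in the
        // remote-clients branch below; NOTE(review): confirm that asymmetry is intended.
        Fiddler.FiddlerApplication.Startup(IronProxy.Port,
            Fiddler.FiddlerCoreStartupFlags.Default & ~Fiddler.FiddlerCoreStartupFlags.AllowRemoteClients & ~Fiddler.FiddlerCoreStartupFlags.RegisterAsSystemProxy);
    }
    else
    {
        // Remote clients allowed: the proxy is reachable from other hosts (see remarks).
        Fiddler.FiddlerApplication.Startup(IronProxy.Port,
            Fiddler.FiddlerCoreStartupFlags.Default & ~Fiddler.FiddlerCoreStartupFlags.RegisterAsSystemProxy & ~Fiddler.FiddlerCoreStartupFlags.ChainToUpstreamGateway);
    }
}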
/// <summary>
/// Records <paramref name="PR"/> in <c>PRs</c>, attributes it to the currently active
/// plugin via <c>PR.Plugin</c>, and then reports it with <c>PR.Report()</c>.
/// </summary>
/// <param name="PR">The finding to record and report. Must not be null.</param>
public void AddFinding(Finding PR)
{
    // Store first, then stamp the plugin that produced it, then hand it off for reporting.
    this.PRs.Add(PR);
    PR.Plugin = this.ActivePluginName;
    PR.Report();
}